Yahoo password breach: Yahoo is looking into a major hack that slurped up the usernames and passwords of 435,000 accounts Thursday.
According to the security firm TrustedSec, a hacking group known as the D33D Company picked up the passwords from Yahoo Voices, the Sunnyvale, Calif.-based company’s crowd-sourced publishing platform. Yahoo Voices, formerly known as Associated Content, invites users to submit articles through the Yahoo Contributor Network.
The security firm said that the passwords and usernames appeared to be stored without encryption, in plain text. That means anyone could use the information immediately.
Yahoo did not immediately respond to a request for comment, but said in a statement to the Associated Press that it is looking into the claims of a breach. Caroline MacLeod-Smith, head of public relations for Yahoo in the U.K., told AP that she couldn’t provide any more details about the breach the company is investigating, including the size of the attack.
Tridium security risks: Tridium, a company that has used the Internet to manage business on any kind of electronic device, is boosting its security after finding cybersecurity risks to several of its networks, The Washington Post reported.
The vulnerabilities further highlight the downside of highly-connected networks — particularly when connected to public networks — and the question of how much information companies should provide to consumers about those vulnerabilities.
“There are hundreds of thousands of installations on networks, including [Defense Department] installations and Fortune 500 firms,” Billy Rios, a security researcher and a co-author of “Hacking: The Next Generation,”told The Washington Post. “These customers have no idea they are exposed.”
FCC chairman speaks out against Russian law: A top U.S. official on Thursday criticized the new Internet law in Russia that won approval in the lower house of the Parliament on Wednesday, saying it could limit free speech and civil rights. The law allows the government to create an Internet blacklist, The Post reported, presented as a way to eliminate Web sites devoted to things such as child pornography, illegal drug use and suicide. But critics worry that the measure will be used to censor free speech.
Julius Genachowski, chairman of the Federal Communications Commission, on Thursday called the measure “a troubling and dangerous direction.”
“The world’s experience with the Internet provides a clear lesson: a free and open Internet promotes economic growth and freedom; restricting the free flow of information is bad for consumers, businesses, and societies,” he said in a statement.
Aereo wins in court: Aereo will not be shut down by broadcasters, a federal judge ruled Wednesday, rejecting charges that the streaming service is “misappropriating copyrighted material,” The Post reported.
“This isn’t just a win for Aereo, it’s also a significant win for consumers who are demanding more choice and flexibility in the way they watch television,” said Aereo CEO and founder Chet Kanojia. “We said from the start that we believed that a full and fair airing of the issues would reveal that Aereo’s groundbreaking technology falls squarely within the law.”
The decision came as Viacom and DirecTV publicly aired a carriage dispute that took content from 17 popular channels off of the satellite service Tuesday. Viacom also made the decision to pull its programming, such as Comedy Central’s “The Daily Show with Jon Stewart” off the Web — a move DirecTV called a strong-arm tactic.
Free apps, privacy risks?: A study from the mobile security firm Lookout found that over 5 percent of free Android apps use at least one “aggressive” ad network that the firm says uses tactics bordering on malicious.
The study, written by Information Week, said that the advertisers must be more clear about what information they are collecting from users, how that information is stored and how it is used.
The study comes as the National Telecommunications Information Administration meets with app developers, privacy experts and others to discuss how best to apply the Consumer Privacy Bill of Rights to mobile apps. The Thursday discussion is the first of a planned series of discussions to look at mobile app transparency.